Reaching Vera servers via Sky broadband in UK

Community Playground Getting Started & Initial Setup
1

Installed my new Vera Edge on Christmas Day with much excitement :slight_smile:
Whilst I can login to the edge locally, I cannot reach it via Vera servers. I login to the Vera webpage, it lists my controller but shows it as offline.
I spent 90 minutes on the phone last week with Vera support, and with them remote controlling my PC and controller but with no success. I have port forwarded port 232 on my router but still no success.
Some broadband providers are apparently blocking ports. My provider is Sky, one of the biggest in the UK. Iā€™ve been on to their support and they assure me they arenā€™t blocking anything. I have also turned off their content filtering service ā€˜Shieldā€™.

Soā€¦my question is, have any UK users of Vera Edge had success in logging in to Vera servers using Sky broadband with the standard router?

Thanks

2

I have Vera working fine with Sky Fibre pro, but Iā€™m using a draytek routerā€¦ so possibly not all that helpful.

Canā€™t recall if you can see any settings for UPnP in the sky router. If so, that might be worth a look? Also, if you can change the upstream DNS config, try using OpenDNS or google, instead of sky.

3

Nyle
thanks for your thoughts. There is a UPnP page on the Sky router, I can see that UPnP is turned on and I can see the portmap table but not do anything with it. I set the DNS router in the Edge to 8.8.8.8 which I believe is the Google DNS server but no gain. When I fix my laptop IP address and give it that DNS, it works fine suggesting that I can at least use that DNS through the router.

4

I have a vague recollection that the sky routers themselves are ā€˜lockedā€™ to use skyā€™s own DNS, but if your Vera is hard coded to use google, it should be able to resolve the mios relays, based on the assumption that outbound DNS is allowed, and youā€™re not just falling back on a cached record when your laptop DNS is set to googleā€¦ no idea of whether you have a technical background, so forgive me if you already flushed your DNS cache :slight_smile:

It could of course be something else entirely, but as an infrastructure nerd, if something doesnā€™t work, 9/10 itā€™s a DNS problem :slight_smile:

Have you tried an nslookup against the mios relays?

The one I get right now is vera-us-oem-relay11.mios.com

nslookup
server 208.67.222.222
should return:

Default Server:  resolver1.opendns.com
Address:  208.67.222.222

vera-us-oem-relay11.mios.com

Should return:

Server:  resolver1.opendns.com
Address:  208.67.222.222

Non-authoritative answer:
Name:    vera-relay21.mios.com
Address:  54.187.71.199
Aliases:  vera-us-oem-relay11.mios.com

Should return:

Server:  resolver1.opendns.com
Address:  208.67.222.222

Non-authoritative answer:
Name:    mios.com
Address:  96.44.128.237

As long as youā€™re getting something back from DNS, I think youā€™d need to start looking for what could be getting in the way of vera tunnelling back to the relaysā€¦ When I had a sky issued router (for about a year), I never once had a problem with ports being blocked by sky. The routers are locked-down junk built by the lowest bidder, but theyā€™re not particularly restrictive on the traffic theyā€™ll pass (in my experience). That said, the Draytek router was worth every penny, to have control over my own network.

Oh, and if you (or santa) happened to buy your edge from Vesternet.com, it would well be worth giving them a call as wellā€¦

5

Hi
Really grateful for your help with thisā€¦there was a time 20 years ago when I could knock out some arps, net stops and greps. But the passage of time has taken its toll :frowning:

I havenā€™t flushed a DNS cache; I assume that this would need to be in the Edge and I donā€™t know how to get into it to do that.
I can nslookup all the names that youā€™ve listed below and get the same IP addresses back. More simplistically, if I ping those names, I get the same IP addresses back in the pings which are all successful. (This all being from my laptop which gets a DHCP address from the router and so then uses its Sky DNS servers).

Iā€™ve just changed the DNS server in the Edge from 8.8.8.8 to the first of the Sky ones. When I click on the Troubleshoot Network button in the Edge interface, I get the following:

=== IP Configuration ===
br-lan Link encap:Ethernet HWaddr E0:60:66:00:B5:0B
inet addr:192.168.0.50 Bcast:192.168.0.255 Mask:255.255.255.0
eth0 Link encap:Ethernet HWaddr E0:60:66:00:B5:0B
eth0.1 Link encap:Ethernet HWaddr E0:60:66:00:B5:0B
inet addr:127.0.0.1 Mask:255.0.0.0
ra0 Link encap:Ethernet HWaddr E0:60:67:00:B5:0C

External IP: 94.194.37.152

=== Testing Gateway: 192.168.0.1 ===
ā€¦
GATEWAY:OK
=== Testing DnsServer: 8.8.8.8 ===
ā€¦
DNSSERVER1:OK
=== Testing DnsServer: 90.207.238.97 ===
ā€¦
DNSSERVER2:OK

=== Testing External Servers ===
ā€¦
GOOGLE.COM:OK
ā€¦
STA server: network errors detected
ā€¦
EVT server: OK
TS server tunnel connection: OK
ā€¦
FWD server: OK
FWD server tunnel connection: OK

=== SSH_TUNNELS: ===
Found 12 ssh sessions running
Remote Control Tunnels are running
== DONE ==

When I had 8.8.8.8 in the DNS setting, the DNS checks failed.
That output above now looks quite clean apart from the STA server, I donā€™t know what implication that has.
I had a moment of hope when I saw that output but now again, when I login to the Vera server, it still lists my controller but shows it as offline.
Iā€™m intrigued by the 192.168.0.50 address. I have it fixed as 192.168.0.92. If I look at my laptopā€™s arp cache, it shows both 50 and 92 with the same mac address (which is the Edge one)

Iā€™ve also done two other testsā€¦ I changed the Edge connection from Ethernet to wifi and connected it to my phone hotspot. It then connected and worked as Iā€™d expect it to.
I then took the Edge to a friendā€™s house and plugged it in to his router supplied by EE, here again all worked as Iā€™d hoped, I could login to the Vera servers, the controller was listed and shown as Online and I could click through to access it. I did no configuration, eg port forwarding on the EE router.

Santa did indeed shop at Vesternet. They responded quickly but havenā€™t come up with anything that has resolved the issue. They said:

We haven?t heard of these problems with Sky however it seems very similar to what happens with BT http://www.vesternet.com/knowledgebase/technical/kb-73
Odds are Sky is now doing the same as BT and blocks third party DNS servers to prevent bypassing its ?Sky Broadband Shield?. What happens if you manually set ur PC DNS server to something as 8.8.8.8?
You can also try to disable the Shield and see if it makes a difference Sky Help | Sky.com
&
The problem is that Vera will use it?s on DNS servers instead of Sky DNS servers and some ISPs are now blocking this as a ?secure measure? meaning the problem is not on you accessing Vera but Vera being unable to reply back.
Basically you?ll need your Sky hub to give completely unrestricted access to Edge ? maybe it has a DMZ setting on the hub you can use?

Stop Press, just run Network Troubleshoot option again, STA server is happy, other ones are not.
=== IP Configuration ===
br-lan Link encap:Ethernet HWaddr E0:60:66:00:B5:0B
inet addr:192.168.0.50 Bcast:192.168.0.255 Mask:255.255.255.0
eth0 Link encap:Ethernet HWaddr E0:60:66:00:B5:0B
eth0.1 Link encap:Ethernet HWaddr E0:60:66:00:B5:0B
inet addr:127.0.0.1 Mask:255.0.0.0
ra0 Link encap:Ethernet HWaddr E0:60:67:00:B5:0C

External IP: 94.194.37.152

=== Testing Gateway: 192.168.0.1 ===
ā€¦
GATEWAY:OK
=== Testing DnsServer: 8.8.8.8 ===
ā€¦
DNSSERVER1:OK
=== Testing DnsServer: 90.207.238.97 ===
ā€¦
DNSSERVER2:OK

=== Testing External Servers ===
ā€¦
GOOGLE.COM:OK
ā€¦
STA server: OK
ā€¦
EVT server: network errors detected
TS server tunnel connection: FAILED
ā€¦
FWD server: network errors detected
FWD server tunnel connection: OK

=== SSH_TUNNELS: ===
Found 13 ssh sessions running
Remote Control Tunnels are running
== DONE ==

I could remove the controller from my account and reset to factory defaults to start again. Would need to re-add all my sensors etc but would be worth it if it worked. But, given that Iā€™ve managed to get through OK using EE and vodafone as above, Iā€™m not sure that this would help.

Not sure if any of the above leads you to any conclusions.
Iā€™m probably going to seek out another friend with a different broadband supplier again, then email the story to Sky Support. I donā€™t have high hopes of a positive response from them though, anything non-standard doesnā€™t usually get much of a helpful response.

cheers

6

OK, that all looks like itā€™s a reasonably safe bet that vera is OK, and it looks like DNS is too.

Although you will get Skyā€™s DNS from your routerā€™s DHCP server, your logs indicate you can perform lookups against 8.8.8.8, which means that although the router wont allow you to change its upstream DNS provider, it doesnā€™t actually do anything to prevent you getting out on port 53.

I canā€™t really help with those services that are failing, as I donā€™t know how vera is trying to connectā€¦ are they just HTTP, SSH, or some exotic ephemeral port? Iā€™m sure thereā€™s folks here whoā€™ll know the answer. If this were a case of port blocking, I would expect them to either work, or not work consistentlyā€¦ and not change positions on a further test.

What service are you on with Sky? (ā€œsky broadbandā€ or ā€œsky fibreā€ lite / unlimited / pro) and what model router do you have? While Iā€™m not aware of any technical limitations (besides speed and bandwidth caps) imposed on any of the products, maybe the lower-end services are restricted from something Vera is trying to useā€¦ my money would be on the router being the cause of this, but you never know.

Something else that might be worth your while is cross-posting this on skyuser.co.uk. While I doubt youā€™ll get much help with Vera specifically, it could be that one of the (very) knowledgable sky nerds on there have run into issues like this with potentially blocked ports, or maybe some weirdness with the vera firmware (DD-WRT), playing nicely with skyā€™s crappy hardwareā€¦ I think youā€™d do well to get much help from sky themselves, unless you somehow manage to get past the human answering machines reading from a script, and actually talk to a DSL / network engineerā€¦ that can be a challenge in itself!

7

I had this same issue (not with Vera but another device before I had Vera) and the problem was BTā€™s Parental controls.
I had to log into my BT account online and fully disable them, and wait about 24 hours for all services to be available.

If was trying to use DNS services other than BTā€™s, it seemed to work innitially but after a matter of seconds if I decided to navigate away from the page I was on it would bring me to the BT splash screen.

This was also allowing access to my devices but not all services, so they could ping the network but would fail to connect to servers.

I know Vesternet commented to this end, and itā€™s likely something youā€™ve looked at but thought worth mentioning my issue as it sounds very similar.

8

Hi
thanks both for comments. I did suspect the parental controls too and turned off ā€˜Sky Shieldā€™ but no difference.

Whilst I havenā€™t resolved this, I have made some interesting discoveries. I connected the Edge to my phone via the hotspot feature and all worked fine.
I then took it to a friend with a 40MB broadband service provided by EE - worked fine.
Off to another friend with Virgin service - worked fine
Tonight, my Edge is at another friendā€™s house and is working fine. Interesting thing here is that his service is from Sky. I have a 40MB fibre to cabinet service, he has copper. Both routers are the same standard SR102 units and both have the same firmware levels. Iā€™ve stayed logged in to the Edge all evening and have done a dozen network troubleshoot tests and all are perfect.

At the weekend, I had reset the Edge to factory settings and started again but no progress. That said, all of the above points to either my broadband service or something in the router. I also reset the router to factory settings and then just changed the basics (SSID, password) but that didnā€™t help.

Soā€¦ maybe closer, certainly I feel that I have something to discuss with Sky so will get on the phone to them in a couple of days when I have the Edge back.

Do you remember the days when things seemed simple?!?

thanks again for your help.

9

I reckon it could be worth seeing if Veraā€™s happy using your router on your friends serviceā€¦ or the reverse, your friends SR102 on your line?

The routers arenā€™t configured for a specific service type or user, and theyā€™ll sync both VDSL (with an openreach modem, using LAN port1, or without using the RJ11 socket) and ADSL. The username / password to connect is generated based on the router serial number, so I think itā€™ll work fine.

Edit: actually, if yours was one of the early sky fibre installs where you have an openreach modem as well, try removing that, and plugging the RJ11 cable directly from your master socket, to the router.

If the router proves to be fine on your friends service, or his/her router doesnā€™t work on yours, I think it could be the service type causing your issue. Although your friend runs copper, I think there were a few enhancements added to the copper service to appease people who arenā€™t connected to a FTTC enabled exchange. if youā€™re on 40/20, I think it could be worth a shot asking them (via the customer retentions team) to upgrade you to the 80/20 pro serviceā€¦ I got that for the same price as the 40/20 (sky fibre unlimited), once Iā€™d waved the prices for some competitors under their nose.

Also, Is there an option to factory reset the SR102? (thatā€™s the black one, right?)

10

I have now fixed the problem!!!
The problem was an IP address conflict but I believe that there is a flaw in the edge firmware that leads to this.

Coincidentally, Iā€™d reached the conclusion that you had, ie to try my hub on friendā€™s Sky line and vice versa. My hub worked on his line but then when I brought his hub back to my house, it worked too. However, at that point, I only had my laptop and the edge plugged into the hub, when I then changed his SSID to mine allowing all my other devices to connect, the Edge connection failed again. I then started to isolate my devices and found that one of my PCs has a fixed ip address of 192.168.0.50. Changing this to another address results in Edge working as billed.

Now, you might ask how I didnā€™t clock this beforeā€¦
On the 6th, Iā€™d mused ā€œIā€™m intrigued by the 192.168.0.50 address. I have it fixed as 192.168.0.92.ā€ but had been told that "This is not Vera?s local IP Address but an IP used on Vera?s underlying OS " so moved on to looking at other things.
There is something weird in the Edge IP configuration. I had fixed its address at various times as either 92 or 79, and also used DHCP. And whilst I could access the box with those addresses, going to 50 also caused it to open, or try to open, its main page. I canā€™t say that I understand what it is doing but it seems to want to be two addresses.
Iā€™ll feed this back to Vera support but in any event, I am finally up and runningā€¦ and so on to the challenges that configuring the devices etc brings.

Really grateful for help given by you both.

11

Have you ever set a static ip for Vera on your router though or only on Vera?

12

Glad you got it sorted. the NIC config on a vera does look a bit strange, but itā€™s normal. It just so happens that your LAN subnet (courtesy of the sky routerā€™s default setting) is the same as the one Vera usesā€¦ on mine, I have a 10.x.x.x LAN subnet, but Vera still has her 192.168.0.x address as well as the LAN IP she gets from a DHCP reservation.

13

Over the period I was trying to get it up and running, I tried just putting a fixed IP address in the Edge, just reserving it in the router and doing both.